Privacy Policy


In accordance with the company’s core values, MetaOptima complies with even the most stringent privacy requirements. Due to the fact that different countries provide distinct requirements in terms of privacy, you are encouraged to review and adhere to your country’s privacy policies in accordance with your jurisdiction requirements.

Australia

Last Updated: April 18th, 2019

This Privacy Policy describes our approach to the collection and use of personal information, our roles and responsibilities, including our contractors and employees, your responsibilities as a DermEngine user, which will include Customers and Patients (you, your) and options for interacting with MetaOptima (we, us, our).

This represents our APP Privacy Policy in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs) (The Privacy Principles).

Background

At MetaOptima, your privacy is very important to us.

We are required by the Privacy Act 1988 (Cth) (Privacy Act) to comply with the APPs (The Privacy Principles). The Privacy Principles regulate the manner in which personal information is handled throughout its life cycle, from collection to handling and use and disclosure, storage, accessibility and disposal.

This Privacy Statement outlines the information collection and handling policies of MetaOptima, and describes the processes we implement in order to comply with the Privacy Principles. By providing us with your personal information, you agree to be bound by the terms of this policy.

Customer Data

It is very important that you understand that the personal information we collect from you, as a DermEngine user, is the necessary information to operate your DermEngine account and in providing you with the products or services (Customer Data). The Customer Data that we collect from you does not include health information. As a healthcare provider, you are responsible for collecting personal information, including health information from your patients (Patient Data), as well as collecting and maintaining all appropriate consents from them. As a DermEngine user, you must ensure that you have obtained consent from the relevant individual to disclose to us any health information collected by you, for the uses described in this Privacy Policy.

Patient Data

Where Patient Data (including health information) is disclosed to us by you as our customer or by a patient, it will be collected, held, used, or disclosed in accordance with MetaOptima‘s obligations set out in the Privacy Act and this Privacy Policy.

Personal Information

According to the Privacy Act, personal information is information or an opinion, in any form and whether true or not, about an identified (or reasonably identifiable) individual.

The Privacy Act provides extra protections around the handling of sensitive information. Health information is regarded as one of the most sensitive types of personal information. Health information includes information or an opinion about the health or disability of an individual, an individual’s wishes about the future provision of health services to him or her and the health services provided to an individual.

What personal information we collect

Customer Data

Categories of Personal information that we may collect from you includes (but is not limited to): name, billing and delivery address, email address contact telephone and fax numbers, date of birth, and your elected username and password.

Patient Data

We may collect the following categories of personal information in the form of Patient Data including: name, address, health id number, email, ethnic origin, skin colour, skin condition, body image, skin images, diagnosis, medical notes and other related health information.

How we collect personal information

Customer Data

The circumstances in which we may collect personal information from you include when you:

  1. register on our online platform dermengine.com;
  2. is invited by a colleague to join our online platform;
  3. the company/hospital/clinic you work for creates an account and you are one of the users invited by them to join the group account;
  4. fill out a request for information form on our website;
  5. request to be contacted by us for further information about our services and products;
  6. complete a feedback form or product enquiry;
  7. request support of or assistance with using our products;
  8. participate in a promotional offer or competition; and/or
  9. subscribe to our newsletter or mailing list.

We may collect this information either online, directly on our platform, or in person. You may be anonymous or use a pseudonym when dealing with us, unless the use of your personal information is a legal requirement or it is impracticable for us to deal with you anonymously or under a pseudonym.
If you choose not to supply us with the personal information we request, we may be unable to provide you with our products or services.

Patient Data

We may collect personal information in the form of Patient Data in the following circumstances:

  1. where you enter Patient Data into the DermEngine platform;

  2. where a patient has access to a patient portal and creates a personal profile by entering personal information; or

  3. if we migrate patient data from other internal or external systems or an Electronic Medical Record with the consent of you or the patient.

Automatically Collected Information

When you use the Service, we may automatically record certain information from your device, some of which may be personal information, by using various types of technology, including cookies, “clear gifs” or “web beacons.” This automatically collected information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Service, the pages or other content you view or interact with on the Service, and the dates and times of the visit, access, or use of the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you open, click on, or forward a message. You may limit the automatic collection of certain information by our Service, for instance by disabling the cookies using your browser options. Please be aware that by doing so it may prevent you from using specific features on our Service, such as maintaining an online account. We use automatically collected information and other information collected on the Service through cookies and similar technologies to: (i) personalize our Service, such as remembering your information so that you will not have to re-enter it during a visit or on subsequent visits; (ii) provide customized advertisements, content, and information; (iii) monitor and analyze the effectiveness of Service and third party marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track your entries, submissions, and status in any promotions or other activities on the Service.

Why we collect, hold, use and disclose Personal Information

In order to provide our products and services and manage our customer relationships, we need to collect Data, including personal information in relation to our DermEngine users. We collect, hold, use and disclose personal information where it is reasonably necessary for us to carry out our business functions and activities, for example, in order to provide you with our products and services.

We also collect, hold, use and disclose personal information for related purposes that you would reasonably expect, including our administrative and accounting functions, providing you with information about other products and services offered by us, marketing and promotions, market research, newsletter communications, statistical collation and website traffic analysis. Where we wish to use or disclose your personal information, or personal information in the form of Patient Data for other purposes, we will obtain your consent.

We may provide you with electronic marketing messages from time to time. You may opt out of receiving electronic messages from us at any time by contacting our Privacy Officer via the contact details at the bottom of this privacy policy or by using the opt out mechanism included in our electronic marketing messages.

Customer Data

Personal Information collected about you is only used in order to:

  1. verify your identity;
  2. provide and administer you with the products or services you have requested, or respond to your queries;
  3. send invoices or statements, and collect payments from you;
  4. notify you about existing or new products, versions, updates, services or promotions we, our related companies, or selected partner companies may offer from time to time; and
  5. provide our customers and potential customers with an up to date, useful and personalised website and services.

We may also use the personal information we collect in order to communicate with you including notifying you of the availability of important regular data and program version updates for your recommended download and installation, and notifying you of other product, service and company news which we believe is relevant to you and your user experience. If at any time you no longer wish to be notified about new products, services or promotions, please let us know by contacting one of our Privacy Officer, whose contact details are set out below.

We may use a third party independent contractor to conduct services which we are unable to, such as internet traffic measurement, website hosting, and patient information materials. Use of such services may involve coding being placed on web pages on the DermEngine/MetaOptima website to enable the collection and analysis of site visitor numbers, length of visit and pages visited. The contractor may collect and collate aggregate and non-personal information which is then provided to us to assist us to provide a product or service you’ve requested, and to provide you with a better user experience.

Sometimes the information we collect from you or in relation to Patient Data may include de-identified demographic information such as age, gender, location, occupation, or interests, which is not personal information. We may use such information for our own internal business purposes or to improve our products and services. We may also disclose such de-identified information to third parties including consultants, suppliers, partners, customers or potential customers.


Disclosure of Personal Information

Your patient’s personal information collected by you

It is important that your patients are aware that we do not disclose their personal information with anyone without consent. They should be aware that you can use DermEngine to store their personal information and disclose as part of healthcare providers providing them with healthcare. Their personal information might be disclosed by you through DermEngine through your use of the DermEngine service, in accordance with the access controls you have set, or as otherwise required or authorised by law.

Patients’ personal information might also be disclosed by you (healthcare provider/DermEngine user) with:

  • the patient himself/herself;
  • his/her authorised representative(s);
  • his/her nominated representative(s) in accordance written consent;
  • registered healthcare providers and healthcare provider organisations involved in patient’s healthcare;
  • a registered healthcare provider (including individuals and organisations) in an emergency situation;
  • registered account operators if you within health organizations;
  • the Australian Commission on Safety and Quality in Health Care, where necessary to ensure the clinical safety of individuals using DermEngine system;
  • MetaOptima authorized employees to assist us in establishing and operating DermEngine. These employees are bound by strict obligations to treat individuals’ personal information with the same level of respect, privacy and security that they are entitled to from MetaOptima.

Patient Data collected by us

Where we collect Patient Data that includes personal information, we may disclose it in the following ways:

  1. where a patient accesses a patient portal and enters personal information; or
  2. if we migrate patient data from other internal or external systems or an Electronic Medical Record, we may disclose that information to you as the healthcare provider with the patient’s consent.
Your personal information collected by us

We will disclose personal information we hold when required to do so by law, including in response to a court order or a subpoena. We also may disclose such information in response to a law enforcement agency’s request.

We will not disclose your personal information to partner companies for them to use for other purposes or to market their products or services to you directly, and we will endeavour to ensure that partner companies adhere to the obligations contained within the Privacy Act.

We will not otherwise disclose personal information to third parties without your consent, except to:

  1. contractors who provide us with services, such as call centre, billing, credit collection, help desk and support services providers;
  2. government, law enforcement and regulatory bodies where this is necessary for us to comply with our legal obligations; and
  3. parties to whom we sell all or part of our business.

We do not sell, rent or trade personal information to or with third parties.


Overseas disclosure of Personal Information

All information stored by the DermEngine platform is stored in Australia. We will not disclose or store overseas any Customer Data or Patient Data except that we may disclose Customer Data to our related company in Canada, only for the purposes of providing you with our products or services, or for the maintenance of the DermEngine platform.

If it is necessary for MetaOptima to disclose personal information outside Australia in order to provide you with our products or services, we will request your specific consent and will, before disclosing personal information overseas, take reasonable steps to ensure that the overseas recipient do not breach the Privacy Act.


How is information kept secure?

The protection and security of your personal information is something we take very seriously. We are committed to keeping personal information secure. We take robust precautions to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. We have a range of practices and policies in place to provide a secure system.

The security and protection measures of DermEngine include:

  • not registering an individual if we are satisfied the individual may compromise the security or integrity of DermEngine;
  • monitoring access to DermEngine accounts to quickly detect suspicious or inappropriate behaviour;
  • requiring users to comply with a number of security obligations in the Privacy Act;
  • a multi-layered ICT system of firewalls, gateways and portals to ensure only authorised users can access DermEngine;
  • personal information transmitted or stored by or on behalf of us will be encrypted in accordance with the Australian Government Information Security Manual;
  • a graduated range of enforcement options where privacy or security are breached. For serious breaches, these options include the ability to seek civil and criminal penalties for unauthorised collection, use or disclosure of health information in DermEngine;
  • maintaining Access History of access to DermEngine Accounts which you can access;
  • a mandatory data breach reporting procedure;
  • rigorous, on-going security testing, including penetration testing;
  • a framework which details how any person who wishes to access a DermEngine is appropriately identified and authenticated;
  • developing and delivering education and awareness programs which highlight the need for individuals to protect themselves against security threats, hoaxes and scamming activities;
  • educating employees and contractors of their obligations when handling personal information; and
  • requiring employees and contractors to individually authenticate themselves when accessing DermEngine.

How we hold and store Personal Information

We take reasonable steps to ensure the personal information held by us is secured from such risks as loss or unauthorised access, destruction, use, modification or disclosure.

We keep your information, Customer Data and Patient Data in a secure cloud server in Australia.

Our systems are password protected and comply with our security standards. We only permit personal information to be accessed by authorised personnel, and our employees are required to comply with our privacy policies and respect the confidentiality of any personal information held by us. In this instance, any agent or contractor who has access to personal information we hold is required to protect this information in a manner that is consistent with our policy by, for example, not using the information for any purpose other than to carry out the service they are performing for us. We endeavour to develop and implement appropriate measures to safeguard the personal information we hold against unauthorised use or disclosure.

Access and correction of Personal Information

We take reasonable steps to make sure that the personal information we collect, use and disclose is accurate, complete and up-to-date.

Customer access

You may in some instances be able to access the information we hold about you. If you would like to access your personal information, please contact our Privacy Officer, who will explain how we will handle your access request,. In some circumstances, we may not permit access to your personal information, or may refuse to correct your personal information, in which case we will provide you with reasons for this decision.

We will assume (unless you tell us otherwise) that your request for access relates to our current records about you and your patients. These current records include personal information about you which is included in our databases, and which may be used by us on a daily basis.

If you believe that personal information about you is not accurate, complete or up to date, please provide your request for correction. We will consider any requests for correction in a timely way.

Patient access

Your patients also have the right to request access to personal information that we hold about them. You can give them access to their personal information in the settings control page of their profile. If you don’t know how to do that, contact us.

They can also request us through an online form to access, delete and correct their personal information.

Correcting patient information in uploaded documents

If you consider that the health or other personal information we hold about you is not accurate, complete or up-to-date, or if your information has changed, they should first contact the you, as their healthcare provider, who authored the information to correct it.

If a healthcare provider refuses to correct the information you may complain to us, or the Office of the Australian Information Commissioner.

Time of retention

If you cancel registration with DermEngine system or in case of death, the following will occur:

  • all documents will be kept in the system for the period recommended by law;

  • you, your representative will only be able to access your account by making a request to us;

  • other healthcare providers will only be able to access your customer account where required or authorised by law;

  • other healthcare providers will not be able to upload documents to your customer account;

  • your customer account may still be accessed by us for the purposes of maintenance, audit and other purposes required or authorised by law;

  • all other documents that are held by registered repository operators will be subject to local state or territory retention requirements.


If you cancel your customer account, but later re-register for an account:

  • your reactivated customer account may include personal information which was included in your account prior to it being cancelled.

Destruction and De-identification

MetaOptima retains personal information only whilst it is required for our business functions, or for any other lawful purpose. We use secure methods to destroy or to permanently de-identify personal information when it is no longer required or if we determine that the personal information received is required to be destroyed or permanently de-identified in accordance with the Privacy Act.

Complaints and Concerns

If you have any questions or comments about this Privacy Statement, or if you wish to complain about how we have handled personal information about you, please contact our Privacy Officer as follows:

Email: privacy@metaoptima.com

Tel: +1 778.328.1949

Website: metaoptima.com

We will respond to let you know who will be handling your matter and when you can expect a further response. We may request additional details from you regarding your concern, and we may need to engage or consult with other parties to investigate and deal with your issue. We will keep records of your request and any resolution.

If you are still not satisfied, you can contact the Office of the Australian Information Commissioner (http://www.oaic.gov.au), or telephone 1300 363 992.

Changes to this Privacy Policy

This Privacy Statement may change from time to time and you should check regularly for updates. This policy was last updated on 18 April 2019.

Brazil

Última atualização: 05 de Maio de 2018

Nós da MetaOptima Technology Incorporated (“MetaOptima”, “nós” ou “nosso”) estamos empenhados em respeitar os direitos de privacidade de nossos clientes, médicos, pacientes e outros usuários de nossa plataforma DermEngine ("Serviços") fornecidos através do site www.dermengine.com.br (coletivamente "Website") ou pelo aplicativo móvel (" App "). A presente Política de Privacidade ("Política de Privacidade") foi criada para lhe dar a confiança ao visitar e utilizar o Website e/ou App, e para demonstrar nosso compromisso com práticas de informações justas e à proteção da privacidade. Esta Política de Privacidade é aplicável somente ao nosso Website e App, e não a quaisquer outros websites ou serviços que você possa acessar a partir deste ou qualquer website de distribuidores, representantes ou parceiros. A MetaOptima não tem controle sobre as políticas e práticas de privacidade de tais sites de terceiros, e se você tiver alguma dúvida, é aconselhável revisar os termos desses sites para obter mais informações sobre as políticas aplicáveis a esses sites. O uso no nosso Website é regido por esta Política de Privacidade e os Termos de Uso.

Esta Política de Privacidade esclarece o uso de informações, incluindo dados pessoais identificáveis (“Dados Pessoais”) e outras informações coletadas pelos usuários do Serviço. A MetaOptima está comprometida em proteger a privacidade online de usuários e pacientes. Sentimos que é importante esclarecer como lidamos com as informações que recebemos em nossa plataforma.

Definição de usuário de nossa Plataforma

O usuário da Plataforma deve estar capacitado realizar a coleta de informações do Paciente, podendo ser este: um Médico, profissional de saúde ou técnico de saúde. Cada usuário é obrigado a fornecer um endereço de e-mail individual para iniciar acesso às funcionalidades disponíveis na plataforma.

Quando uma pessoa se torna usuário de nosso sistema, esta deverá ter seus dados cadastrais inseridos, tais como seu nome, email, endereço, CPF, número do CRM - Conselho Regional de Medicina. A integridade e veracidade das informações dos Usuários são de sua própria responsabilidade. Usamos essas informações apenas para permitir realizarmos nosso propósito de apoiar o processo de triagem de pacientes que é realizada pelos usuários de nossa plataforma.

Informações que coletamos:

A submissão de dados à DermEngine pelo Usuário obrigatoriamente deve ser feita com informações recebidas de Pacientes de forma totalmente voluntária. Quando um usuário utiliza nosso Serviço ou nos envia solicitações, informações específicas de Pacientes são armazenadas, incluindo o nome e sobrenome, endereço de e-mail, endereços postais, etnia, foto, imagem, gênero, histórico de condição da pele, data de nascimento, CPF, entre outras que possam se fazer necessárias para o registro e tratamento médico. As informações dos Pacientes estão vinculadas sempre a um Usuário, sendo este o principal responsável pelo sua integridade e veracidade. Usamos essas informações para permitir realizarmos nosso propósito. É de responsabilidade do profissional de saúde, usuário da plataforma, recolher a assinatura digital do paciente sob os Termos de Consentimento no momento de seu cadastro.

Esses dados são armazenados como registro individual de cada paciente e são gerenciados pelo usuário responsável pela coleta de informações, devendo ser mantidos em sigilo por este. Em casos específicos, esses dados são anonimizados e podem ser usados para fins analíticos para ajudar dermatologistas e profissionais de saúde a entender melhor as condições da pele.

Coletamos e registramos o endereço IP de todos os visitantes em nosso Site. Um endereço IP é um número atribuído automaticamente ao seu computador sempre que você acessa a Internet. Os endereços IP permitem que computadores e servidores reconheçam e se comuniquem uns com os outros. Coletamos informações de endereço IP para que possamos administrar adequadamente nosso sistema e coletar informações agregadas sobre como o site MoleScope está sendo usado, incluindo as páginas que os visitantes estão visualizando. Para manter seu anonimato, não associamos endereços IP a registros que contenham informações pessoais. No entanto, usaremos as informações de endereço IP para identificá-lo pessoalmente, a fim de garantir nossos direitos legais ou, quando solicitado, pelas autoridades.

Privacidade das crianças:

A utilização do DermEngine está destinada a usuários maiores e devidamente capacitados. A coleta de dados e imagens de menores de idade, necessita obrigatoriamente o acompanhamento de responsável legal. A coleta de informações pessoais de pacientes somente poderá ser realizada com o respectivo consentimento e autorização dos pais ou responsável legal.

Uso de Cookies e outras tecnologias:

A Plataforma poderá usar cookies ou outras tecnologias de identificação para ajudar a personalizar a sua experiência. Cookies são pequenos arquivos de texto armazenados na memória do seu computador. Um cookie contém informações, inclusive pessoais, que poderão ser lidas posteriormente por um servidor localizado no domínio que o emitiu. As informações que os cookies coletam incluem a data e o horário da sua visita, histórico de navegação etc.

Os cookies trazem diversos benefícios, uma vez que permitem identificar usuários antigos quando estes retornam à Plataforma, possibilitando seu direcionamento a conteúdos personalizados e/ou serviços similares. Os cookies também poupam tempo, tornando desnecessário inserir as mesmas informações diversas vezes.

A utilização das informações disponíveis no site:

As informações do paciente são coletadas, armazenadas e analisadas pelo Médico ou Profissional de Saúde, usuários da Plataforma, de forma totalmente independente da MetaOtima. Estas informações não representam diagnósticos, opiniões ou qualquer sugestão dada ou de responsabilidade da MetaOptima. A Plataforma não é capaz de realizar diagnóstico médico, sendo apenas uma ferramenta de apoio ao Médico no desempenho de suas responsabilidades. Como parte de Pesquisa e Desenvolvimento, usamos as informações para entender e analisar as tendências e preferências de uso de nossos usuários para melhoria do nosso Serviço e para aprimorar a nossa Plataforma, para desenvolver novos produtos, serviços, algoritmos, recursos e funcionalidades.

Como protegemos seus dados pessoais:

Em primeiro lugar, temos um processo de análise privacidade que cuida das avaliações internas para garantir que nossos procedimentos estejam atualizados com os regulamentos. Também usamos serviços de nuvem em local seguros para armazenar seus dados. Todos os dados que você digita no Site são criptografados. Isso significa que seus dados são protegidos enquanto estão sendo transferidos pela Internet para nossos servidores.

Informações especiais aos pais:

Embora os site da MetaOptima não se destina a ser usado por menores de 18 anos, é política da MetaOptima estar em conformidade com a lei no que se refere a exigir a permissão dos pais ou responsáveis antes de coletar, usar ou divulgar informações de menores. A MetaOptima recomenda a supervisão das atividades online de menores de 18 anos pelos pais.

Armazenamento de informações

Todas as informações que sejam caracterizadas como laudo médico, com valor legal, são armazenadas localmente, não podendo ser transmitidas para sistemas de armazenamento em nuvem fora do Brasil.

Alterações da Política de Privacidade

A MetaOptima reserva-se ao direito de alterar a Política de Privacidade, bem como qualquer outra política e termo de uso da Plataforma, a qualquer momento e ao seu exclusivo critério. As alterações entrarão em vigor no momento da respectiva publicação. O uso da plataforma constituirá aceitação de eventuais alterações da Política de Privacidade. Se você não concordar com os termos alterados da Política de Privacidade, deverá descontinuar o uso da Plataforma.

No caso de alterações significativas desta Política de Privacidade ou da forma como a MetaOptima usa suas informações, a MetaOptima promoverá esforços razoáveis para dar publicidade à estas alterações, como envio de email, uma mensagem no próprio Site ou no Aplicativo. A MetaOptima não promoverá alterações na Política de Privacidade com o objetivo de prejudicar ou reduzir direitos do Usuário.

Contate-nos para perguntas, esclarecimentos ou reclamações:

Por favor contacte-nos para qualquer questão ou comentário sobre esta Política de Privacidade, ou se você tiver uma reclamação ou problema, ou ainda, se você acredita que seus direitos de privacidade foram violados, você pode nos enviar um e-mail para: privacy@metaoptima.com.

United States of America

 

Last Updated: March 27th, 2019.

 

  1. Introduction:

 

This Privacy Policy describes MetaOptima’s (“MetaOptima”, or “we”, “us” or “our”) agreement with you when you visit any of our public-facing websites available at https://www.dermengine.com/ (the “Websites”).

 

By using the Websites, you signify your agreement to this policy.  If you do not agree to this policy, you may not use the Websites. Please note that this Website Privacy Policy does not apply to use of any of our offerings or services other than the Websites. Your use of any other of our offerings or services will be subject to an additional terms and conditions, as applicable.

 

  1. Privacy Policy:

 

We respect your privacy and created this Privacy Policy to let you know what information we collect when you access and/or use our Websites and how we may use or disclose it.

 

What information do we collect? We collect information in the following ways:

 

  • Information you provide: You may voluntarily enter or otherwise provide information to us on the Websites, such as through email, an online inquiry, or any other method by which you voluntarily provide information to us through the Websites.
  • Information we gather:  As you browse through the Websites, our servers automatically collect certain information about you which may include: (a) the name of the domain and host from which you access the Internet; (b) the browser software you use and your operating system; (c) the Internet address of the website from which you linked to the Websites; (d) the Internet address of the device you used to access the Websites and the location from which such access occurred; and (e) the time(s) when you accessed the Websites.

 

How may we use or disclose the information we collect?  We may use or disclose the information we collect to fulfill the purpose for which you provided it or we collected it, such as to:

 

  • provide you with information that you request from us or perform a function you request (e.g. adding you to our email list);
  • improve, market or promote our offerings and services;
  • compile, synthesize, generate and analyze anonymous usage and other aggregated information to monitor website performance and make improvements to site navigation and content;
  • protect the security and integrity of our information technology systems; and
  • to make recommendations to you about available opportunities and offerings.

 

We may also use or disclose the information we collect for any other purpose we describe when we collect your information or to which you consent.

 

With whom will this information be shared? MetaOptima does not sell or rent your personal information. We may, however, share your personal information with certain service providers that support our organizational activities, and our agreements with those service providers require them to keep your information secure.

 

How is this information secured? MetaOptima maintains appropriate technical and organizational security measures to safeguard the information you provide or that the Websites collect.

 

Cookies:  A cookie is a file that a website can place on your computer's hard drive for record-keeping or other administrative purposes.  We may use cookies with your consent to help personalize your experience.

 

Your California privacy rights: If you are a California resident, you may request that we provide you with certain information about the entities with which we have shared our Website visitors’ personal information for direct marketing purposes during the preceding calendar year.  To do so, please contact us as directed below.

 

NOTICE TO CHILDREN UNDER THE AGE OF 13 AND THEIR PARENTS OR LEGAL GUARDIANS: MetaOptima DOES NOT KNOWINGLY COLLECT PERSONAL INFORMATION FROM CHILDREN UNDER THE AGE OF 13 AND CHILDREN UNDER THE AGE OF 13 ARE SPECIFICALLY PROHIBITED FROM SUBMITTING ANY PERSONAL INFORMATION ON THE WEBSITES.  IF YOU ARE UNDER THE AGE OF 13, DO NOT SEND TO MetaOptima ANY PERSONAL INFORMATION INCLUDING WITHOUT LIMITATION YOUR EMAIL ADDRESS, NAME AND/OR CONTACT INFORMATION.

 

III. General Information

 

Update. Please revisit this page periodically to stay aware of any changes to this Privacy Policy, which we may update from time to time. If we modify the Privacy Policy, we will make it available through on the Websites, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Websites after the revised Privacy Policy has become effective indicates that you have read, understood and agreed to the current version of the Privacy Policy.

Contact Us. If you have any questions or comments about this Privacy Policy please contact us at privacy@metaoptima.com

 

 

Rest of the world

Last Updated: June 4th, 2018

Welcome, and thank you for your interest in MetaOptima Technology Inc. (“MetaOptima”, “we” or “us”), our website at (the “Site”), and all related websites, downloadable software, mobile applications (including tablet applications), and other services provided by us (including DermEngine and MoleScope) and on which a link to this Privacy Policy is displayed, and all other communications with individuals though from written or oral means, such as email or phone (collectively, together with the Site, our “Service”).

This Privacy Policy (“Policy”) describes the information that we gather on or through the Service, how we use and disclose such information, and the steps we take to protect such information. By visiting the Site or by using the Service, you accept the terms and conditions of this Policy.

This Policy is incorporated into, and is subject to, the applicable Terms of Service and/or Terms of Use. Capitalized terms used but not defined in this Policy have the meaning given to them in these documents.

This Policy applies indistinctly and generally to any Patient and Medical Professional using the Service (particularly DermEngine and MoleScope) (collectively “Users”).

1. Collection of Information

We collect different types of information from or through the Service. The legal bases for our processing of Personal Information are primarily that the processing is necessary for providing the Service and/or healthcare services to you and that the processing is carried out in our legitimate interests, which are further explained in the “Use of Information” section. We may also process Personal Information upon your consent, asking for it as appropriate.

a) User-Provided Information

When User uses the Service, you may provide and we may collect certain information that personally identifies you or could be used to personally identify you (“Personal Information”). Personal Information includes (but is not limited to) the following categories of information: name, postal address, email address and telephone number, gender, date of birth, photos, etc. Personal Information also includes other information, such as preferences, when any such information is linked to information that identifies a specific individual. You may provide us with Personal Information in various ways on the Service. For example, when you use the Service, send us customer service-related requests, register for an account, etc. If you choose to withhold any Personal Information requested by us, it may not be possible for you to gain access to certain parts of the Service.

b) Medical Professional-Provided Information

When Medical Professional uses the Service, you may provide and we may collect Personal Information about Patients, including contact details but also health-related information (which is also known as a “special category of personal data” under the General Data Protection Regulation (GDPR), meaning that it must be handled even more sensitively). The special categories of personal information we hold about Patients may include the following: ethnic origin, skin colour, skin condition, body image, skin images, diagnosis, medical notes and other related health information. You are accountable for collecting Patient acceptance to this Policy, maintaining secure Patient special categories of personal information, not disclosing them with unauthorized third parties and comply with all applicable laws.

c) Information From Other Sources

We may obtain information, including Personal Information, from third parties and sources other than the Service, such as our partners or advertisers. If we combine or associate information from other sources with Personal Information that we collect through the Service, we will treat the combined information as Personal Information in accordance with this Policy.

d) Automatically Collected Information

When you use the Service, we may automatically record certain information from your device by using various types of technology, including cookies, “clear gifs” or “web beacons.” This automatically collected information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Service, the pages or other content you view or interact with on the Service, and the dates and times of the visit, access, or use of the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you open, click on, or forward a message. You may limit the automatic collection of certain information by our Service, for instance by disabling the cookies using your browser options. Please be aware that by doing so it may prevent you from using specific features on our Service, such as maintaining an online account. We use automatically collected information and other information collected on the Service through cookies and similar technologies to: (i) personalize our Service, such as remembering your information so that you will not have to re-enter it during a visit or on subsequent visits; (ii) provide customized advertisements, content, and information; (iii) monitor and analyze the effectiveness of Service and third party marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track your entries, submissions, and status in any promotions or other activities on the Service.

2. Use of Information

We take steps designed to ensure that only those employees who need access to your Personal Information to fulfil their employment duties will have access to it.

We use the information that we collect in a variety of ways in providing the Service and operating our business, including:

  • to operate, maintain, enhance and provide all features of the Service (including research and development purposes), to provide the services and information that you request, to respond to comments and questions and to provide support to users of the Service;
  • to understand and analyze the usage trends and preferences of our users, to improve the Service, and to develop new products, services, feature, and functionality;
  • to send you communications in compliance with applicable laws; or
  • to comply with legal and regulatory requirements, where applicable.

3. Communication of Information

In certain circumstances, in order to perform the Service, we may disclose certain information that we collect from you:

  • within our family of companies, including parents, corporate, affiliates, subsidiaries, business units and other companies that share common ownership;
  • with third party service providers who provide website, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process Personal Information as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information;
  • with other doctors and health care professionals to provide a shared care subject to Patient consent or at Medical Professional discretion upon Patient consent;
  • with law enforcement and governmental entities when required by law. For greater clarity, we may disclose Personal Information or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies; and
  • to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets and only if the recipient of your Personal Information commits to a privacy policy that has terms substantially consistent with this Policy.

When we disclose your Personal Information to third parties, we take reasonable measures to ensure that the rules set forth in this Policy are complied with and these third parties provide sufficient guarantees to implement appropriate technical and organisational measures.

We may finally make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding your interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service.

4. Security and Retention

We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate physical, technical and administrative safeguards to protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. If you believe your Personal Information has been compromised, please contact us as set forth in the “Contact Us” section. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

We will only keep your Personal Information for as long as reasonably necessary to fulfil the relevant purposes set out in this Policy and in order to comply with our legal and regulatory obligations. If you would like further information regarding the periods for which your Personal Information will be kept, please contact us as set forth in the “Contact Us” section.

5. Data Transfer

Depending on where you use the Service, subject to applicable laws, your Personal Information may be stored and processed locally by certified cloud service providers in Germany, Canada, the United States or Australia. By using the Service, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules than in your country. While such information is outside of your country of residence, it is subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country. However, our practices regarding your Personal Information will at all times continue to be governed by this Policy and, if applicable, we will comply with the GDPR requirements providing adequate protection for the transfer of Personal Information from the EU/EEA to third country.

6. Third-Party Services

The Service may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties’ privacy and security policies before providing them with information.

7. Rights Regarding Personal Information

On written request and subject to proof of identity, you may access the Personal Information that we hold, used or communicated and ask that any necessary corrections be made, where applicable, as authorized or required by law. However, to make sure that the Personal Information we maintain about you is accurate and up to date, please inform us immediately of any change in your Personal Information by mail or e-mail.

Additional Rights for Europeans Users

Please note that the term Personal Information used in this Policy is equivalent to the term “personal data” under the GDPR and other applicable European data protection laws. Under the GDPR, you may be entitled to additional rights, including: (i) the right to withdraw consent to processing where consent is the basis of processing; (ii) the right to access your Personal Information and certain other supplementary information, under certain conditions; (iii) the right to object to unlawful data processing, under certain conditions; (iv) the right to erasure of Personal Information about you, under certain conditions; (v) the right to demand that we restrict processing of your Personal Information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer necessary, or believe your Personal Information is inaccurate; (vi) the right to data portability of personal data concerning you that you provided us in a structured, commonly used, and machine-readable format, under certain conditions; (vii) the right object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions; (viii) the right to lodge a complaint with data protection authorities. If you want to learn more about your rights under the GDPR, you can visit the European Commission’s page on Data Protection at: http://ec.europa.eu/justice/data-protection/index_en.htm.

You may exercise your rights by using the Subject Access Request Form or contacting us as indicated under the “Contact Us” section.

8. Children’s Privacy

The Service is not directed to children under the age of 16, and we do not knowingly collect Personal Information from children under the age of 16 without obtaining parental consent. If you are under 16 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Information has been collected on the Service from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age has provided Personal Information, then you may alert us as set forth in the “Contact Us” section and request that we delete that child’s Personal Information from our systems.

9. Surveys

You may be asked to complete surveys when you visit the Site. We use information from surveys to better understand the needs of our users and to gather information about health care trends and issues. We may share anonymized information from surveys with third parties who perform data management services for our site. Those third parties have agreed to keep all data from surveys confidential. Also, we may share information from surveys in an aggregated, anonymized form with third parties with whom we have a business relationship.

10. Update

Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Service, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.

11. Contact Us

If you have any questions or comments about this Policy or your Personal Information, to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain information about our policies and practices with respect to any service providers outside Canada, our Privacy Officer (or Data Protection Officer) can be reached by mail or email using the following contact information:

Privacy Officer

MetaOptima Technology Inc.

1055 W Georgia St #2275, Vancouver, BC, Canada V6E 3P3

privacy@metaoptima.com.